projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Move logging and related/established out of ferm.conf into a dsa.d rule
[mirror/dsa-puppet.git]
/
modules
/
xinetd
/
manifests
/
service.pp
diff --git
a/modules/xinetd/manifests/service.pp
b/modules/xinetd/manifests/service.pp
index
522af17
..
9924761
100644
(file)
--- a/
modules/xinetd/manifests/service.pp
+++ b/
modules/xinetd/manifests/service.pp
@@
-1,12
+1,13
@@
define xinetd::service (
$id,
$server,
define xinetd::service (
$id,
$server,
- $port,
+ $service,
+ $port='',
$bind='',
$type='',
$socket_type=stream,
$protocol=tcp,
$bind='',
$type='',
$socket_type=stream,
$protocol=tcp,
- $flags=
IPv6
,
+ $flags=
''
,
$wait=no,
$user=root,
$group='',
$wait=no,
$user=root,
$group='',
@@
-20,22
+21,22
@@
define xinetd::service (
) {
include xinetd
) {
include xinetd
- case $ensure {
- present,absent,file: {}
- default: { fail("Invalid ensure for '$name'") }
- }
-
- if $ferm {
- @ferm::rule { "dsa-xinetd-${name}":
- description => "Allow traffic to ${port}",
- rule => "&SERVICE(${protocol}, ${port})"
- }
- }
-
file { "/etc/xinetd.d/${name}":
ensure => $ensure,
content => template('xinetd/service.erb'),
notify => Service['xinetd'],
require => Package['xinetd'],
}
file { "/etc/xinetd.d/${name}":
ensure => $ensure,
content => template('xinetd/service.erb'),
notify => Service['xinetd'],
require => Package['xinetd'],
}
+
+ if $ferm {
+ $fermport = $port ? {
+ "" => $service,
+ default => $port
+ }
+
+ @ferm::rule { "dsa-xinetd-${name}":
+ description => "Allow traffic to ${service}",
+ rule => "&SERVICE(${protocol}, ${fermport})"
+ }
+ }
}
}